/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
package trefliq.EJB.sessionbeans;

import java.util.Date;
import java.util.List;
import javax.annotation.security.PermitAll;
import javax.ejb.Stateless;
import javax.ejb.LocalBean;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;
import trefliq.EJB.entities.Orders;

/**
 *
 * @author dsimmons
 */
@Stateless
@LocalBean
@PermitAll  // (by default, allow all, restrict what's necessary)
public class OrdersSession {
    
    @PersistenceContext(unitName="trefliqPU")
    private EntityManager em;

    public Orders createOrder(Orders orders) {
        em.persist(orders);
        return orders;
    }
    
    //TODOSEC: @RolesAllowed({SecurityRole.ADMIN, SecurityRole.EMPLOYEE})
    public List<Orders> getAllOrders() {
        return em.createNamedQuery("findAllOrders", Orders.class).getResultList();
    }
    
    public Orders getOrderById(Long orderId) {
        return em.createNamedQuery("findOrderById", Orders.class).
                setParameter("id", orderId).getSingleResult();
    }
    
    public List<Orders> getOrdersForCustomerId(Long custId) {
        return em.createNamedQuery("findOrdersByCustomerId", Orders.class).
                setParameter("cid", custId).getResultList();
    }
    
    // TODO - this might not need to be protected?
    //TODOSEC: @RolesAllowed({SecurityRole.ADMIN, SecurityRole.EMPLOYEE})
    public List<Orders> getOrdersByDate(Date dateCreated) {
        return em.createNamedQuery("findOrdersByDate", Orders.class).
                setParameter("date", dateCreated).getResultList();
    }
    
    //TODOSEC: @RolesAllowed({SecurityRole.ADMIN, SecurityRole.EMPLOYEE})
    public List<Orders> getOrdersByStatus(String status) {
        return em.createNamedQuery("findOrdersByStatus", Orders.class).
                setParameter("status", status).getResultList();        
    }
}
